jmg
/
vlanmang
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
VLAN Manager tool
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 Commits
2 Branches
286 KiB
 
 
Tree: e42054d223
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e42054d223'
${ noResults }
vlanmang/vlanmang.py

554 lines
14 KiB
Raw Blame History 

  1. #!/usr/bin/env python

  2. # -*- coding: utf-8 -*-

  3. 

  4. from pysnmp.hlapi import *

  5. from pysnmp.smi.builder import MibBuilder

  6. from pysnmp.smi.view import MibViewController

  7. 

  8. import importlib

  9. import itertools

  10. import mock

  11. import random

  12. import unittest

  13. 

  14. _mbuilder = MibBuilder()

  15. _mvc = MibViewController(_mbuilder)

  16. 

  17. #import data

  18. 

  19. # received packages

  20. # pvid: dot1qPvid

  21. #

  22. # tx packets:

  23. # dot1qVlanStaticEgressPorts

  24. # dot1qVlanStaticUntaggedPorts

  25. #

  26. # vlans:

  27. # dot1qVlanCurrentTable

  28. #	lists ALL vlans, including baked in ones

  29. #

  30. # note that even though an snmpwalk of dot1qVlanStaticEgressPorts

  31. # skips over other vlans (only shows statics), the other vlans (1,2,3)

  32. # are still accessible via that oid

  33. #

  34. # LLDP:

  35. # 1.0.8802.1.1.2.1.4.1.1 aka LLDP-MIB, lldpRemTable

  36. 

  37. class SwitchConfig(object):

  38. 	def __init__(self, host, community, vlanconf, ignports):

  39. 		self._host = host

  40. 		self._community = community

  41. 		self._vlanconf = vlanconf

  42. 		self._ignports = ignports

  43. 

  44. 	@property

  45. 	def host(self):

  46. 		return self._host

  47. 

  48. 	@property

  49. 	def community(self):

  50. 		return self._community

  51. 

  52. 	@property

  53. 	def vlanconf(self):

  54. 		return self._vlanconf

  55. 

  56. 	@property

  57. 	def ignports(self):

  58. 		return self._ignports

  59. 

  60. 	def getportlist(self, lookupfun):

  61. 		'''Return a set of all the ports indexes in data.'''

  62. 

  63. 		res = set()

  64. 

  65. 		for id in self._vlanconf:

  66. 			res.update(self._vlanconf[id].get('u', []))

  67. 			res.update(self._vlanconf[id].get('t', []))

  68. 

  69. 		# add in the ignore ports

  70. 		res.update(self._ignports)

  71. 

  72. 		# filter out the strings

  73. 		strports = set(x for x in res if isinstance(x, str))

  74. 

  75. 		res.update(lookupfun(x) for x in strports)

  76. 		res.difference_update(strports)

  77. 

  78. 		return res

  79. 

  80. def _octstrtobits(os):

  81. 	num = 1

  82. 	for i in str(os):

  83. 		num = (num << 8) | ord(i)

  84. 

  85. 	return bin(num)[3:]

  86. 

  87. def _intstobits(*ints):

  88. 	v = 0

  89. 	for i in ints:

  90. 		v |= 1 << i

  91. 

  92. 	r = list(bin(v)[2:-1])

  93. 	r.reverse()

  94. 

  95. 	return ''.join(r)

  96. 

  97. def _cmpbits(a, b):

  98. 	last1a = a.rindex('1')

  99. 	last1b = b.rindex('1')

  100. 	if last1a != -1:

  101. 		a = a[:last1a]

  102. 	if last1b != -1:

  103. 		b = b[:last1b]

  104. 

  105. 	return a == b

  106. 

  107. import vlanmang

  108. 

  109. def checkchanges(module):

  110. 	mod = importlib.import_module(module)

  111. 	mods = [ i for i in mod.__dict__.itervalues() if isinstance(i, vlanmang.SwitchConfig) ]

  112. 

  113. 	res = []

  114. 

  115. 	for i in mods:

  116. 		vlans = i.vlanconf.keys()

  117. 		switch = SNMPSwitch(i.host, i.community)

  118. 		portmapping = switch.getportmapping()

  119. 		invportmap = { y: x for x, y in portmapping.iteritems() }

  120. 		lufun = invportmap.__getitem__

  121. 

  122. 		# get complete set of ports

  123. 		portlist = i.getportlist(lufun)

  124. 

  125. 		ports = set(portmapping.iterkeys())

  126. 

  127. 		# make sure switch agrees w/ them all

  128. 		if ports != portlist:

  129. 			raise ValueError('missing or extra ports found: %s' %

  130. 			    `ports.symmetric_difference(portlist)`)

  131. 

  132. 		# compare pvid

  133. 		pvidmap = getpvidmapping(i.vlanconf, lufun)

  134. 		switchpvid = switch.getpvid()

  135. 

  136. 		res.extend(('setpvid', idx, vlan, switchpvid[idx]) for idx, vlan in

  137. 		    pvidmap.iteritems() if switchpvid[idx] != vlan)

  138. 

  139. 		# compare egress & untagged

  140. 		switchegress = switch.getegress(*vlans)

  141. 		egress = getegress(i.vlanconf, lufun)

  142. 		switchuntagged = switch.getuntagged(*vlans)

  143. 		untagged = getuntagged(i.vlanconf, lufun)

  144. 		for i in vlans:

  145. 			if not _cmpbits(switchegress[i], egress[i]):

  146. 				res.append(('setegress', i, egress[i], switchegress[i]))

  147. 			if not _cmpbits(switchuntagged[i], untagged[i]):

  148. 				res.append(('setuntagged', i, untagged[i], switchuntagged[i]))

  149. 

  150. 	return res

  151. 

  152. def getidxs(lst, lookupfun):

  153. 	return [ lookupfun(i) if isinstance(i, str) else i for i in lst ]

  154. 

  155. def getpvidmapping(data, lookupfun):

  156. 	'''Return a mapping from vlan based table to a port: vlan

  157. 	dictionary.'''

  158. 

  159. 	res = []

  160. 	for id in data:

  161. 		for i in data[id].get('u', []):

  162. 			if isinstance(i, str):

  163. 				i = lookupfun(i)

  164. 			res.append((i, id))

  165. 

  166. 	return dict(res)

  167. 

  168. def getegress(data, lookupfun):

  169. 	r = {}

  170. 	for id in data:

  171. 		r[id] = _intstobits(*(getidxs(data[id].get('u', []),

  172. 		    lookupfun) + getidxs(data[id].get('t', []), lookupfun)))

  173. 

  174. 	return r

  175. 

  176. def getuntagged(data, lookupfun):

  177. 	r = {}

  178. 	for id in data:

  179. 		r[id] = _intstobits(*getidxs(data[id].get('u', []), lookupfun))

  180. 

  181. 	return r

  182. 

  183. class SNMPSwitch(object):

  184. 	'''A class for manipulating switches via standard SNMP MIBs.'''

  185. 

  186. 	def __init__(self, host, community):

  187. 		self._eng = SnmpEngine()

  188. 		self._cd = CommunityData(community, mpModel=0)

  189. 		self._targ = UdpTransportTarget((host, 161))

  190. 

  191. 	def _getmany(self, *oids):

  192. 		oids = [ ObjectIdentity(*oid) for oid in oids ]

  193. 		[ oid.resolveWithMib(_mvc) for oid in oids ]

  194. 

  195. 		errorInd, errorStatus, errorIndex, varBinds = \

  196. 		    next(getCmd(self._eng, self._cd, self._targ, ContextData(), *(ObjectType(oid) for oid in oids)))

  197. 

  198. 		if errorInd: # pragma: no cover

  199. 			raise ValueError(errorIndication)

  200. 		elif errorStatus: # pragma: no cover

  201. 			raise ValueError('%s at %s' %

  202. 			    (errorStatus.prettyPrint(), errorIndex and

  203. 			    varBinds[int(errorIndex)-1][0] or '?'))

  204. 		else:

  205. 			if len(varBinds) != len(oids): # pragma: no cover

  206. 				raise ValueError('too many return values')

  207. 

  208. 			return varBinds

  209. 

  210. 	def _get(self, oid):

  211. 		varBinds = self._getmany(oid)

  212. 

  213. 		varBind = varBinds[0]

  214. 		return varBind[1]

  215. 

  216. 	def _set(self, oid, value):

  217. 		oid = ObjectIdentity(*oid)

  218. 		oid.resolveWithMib(_mvc)

  219. 

  220. 		if isinstance(value, (int, long)):

  221. 			value = Integer(value)

  222. 		elif isinstance(value, str):

  223. 			value = OctetString(value)

  224. 

  225. 		errorInd, errorStatus, errorIndex, varBinds = \

  226. 		    next(setCmd(self._eng, self._cd, self._targ, ContextData(), ObjectType(oid, value)))

  227. 

  228. 		if errorInd: # pragma: no cover

  229. 			raise ValueError(errorIndication)

  230. 		elif errorStatus: # pragma: no cover

  231. 			raise ValueError('%s at %s' %

  232. 			    (errorStatus.prettyPrint(), errorIndex and

  233. 			    varBinds[int(errorIndex)-1][0] or '?'))

  234. 		else:

  235. 			for varBind in varBinds:

  236. 				if varBind[1] != value: # pragma: no cover

  237. 					raise RuntimeError('failed to set: %s' % ' = '.join([x.prettyPrint() for x in varBind]))

  238. 

  239. 	def _walk(self, *oid):

  240. 		oid = ObjectIdentity(*oid)

  241. 		# XXX - keep these, this might stop working, no clue what managed to magically make things work

  242. 		# ref: http://snmplabs.com/pysnmp/examples/smi/manager/browsing-mib-tree.html#mib-objects-to-pdu-var-binds

  243. 		# mibdump.py --mib-source '/Users/jmg/Nextcloud/Documents/user manuals/netgear/gs7xxt-v6.3.1.19-mibs' --mib-source /usr/share/snmp/mibs  --rebuild rfc1212 pbridge vlan

  244. 		#oid.addAsn1MibSource('/usr/share/snmp/mibs', '/Users/jmg/Nextcloud/Documents/user manuals/netgear/gs7xxt-v6.3.1.19-mibs')

  245. 

  246. 		oid.resolveWithMib(_mvc)

  247. 

  248. 		for (errorInd, errorStatus, errorIndex, varBinds) in nextCmd(

  249. 		    self._eng, self._cd, self._targ, ContextData(),

  250. 		    ObjectType(oid),

  251. 		    lexicographicMode=False):

  252. 			if errorInd: # pragma: no cover

  253. 				raise ValueError(errorInd)

  254. 			elif errorStatus: # pragma: no cover

  255. 				raise ValueError('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBinds[int(errorIndex)-1][0] or '?'))

  256. 			else:

  257. 				for varBind in varBinds:

  258. 					yield varBind

  259. 

  260. 	def getportmapping(self):

  261. 		'''Return a port name mapping.  Keys are the port index

  262. 		and the value is the name from the ifName entry.'''

  263. 

  264. 		return { x[0][-1]: str(x[1]) for x in self._walk('IF-MIB', 'ifName') }

  265. 

  266. 	def findport(self, name):

  267. 		'''Look up a port name and return it's port index.  This

  268. 		looks up via the ifName table in IF-MIB.'''

  269. 

  270. 		return [ x[0][-1] for x in self._walk('IF-MIB', 'ifName') if str(x[1]) == name ][0]

  271. 

  272. 	def getvlanname(self, vlan):

  273. 		'''Return the name for the vlan.'''

  274. 

  275. 		v = self._get(('Q-BRIDGE-MIB', 'dot1qVlanStaticName', vlan))

  276. 

  277. 		return str(v).decode('utf-8')

  278. 

  279. 	def createvlan(self, vlan, name):

  280. 		# createAndGo(4)

  281. 		self._set(('Q-BRIDGE-MIB', 'dot1qVlanStaticRowStatus',

  282. 		    int(vlan)), 4)

  283. 		self._set(('Q-BRIDGE-MIB', 'dot1qVlanStaticName', int(vlan)),

  284. 		    name)

  285. 

  286. 	def deletevlan(self, vlan):

  287. 		self._set(('Q-BRIDGE-MIB', 'dot1qVlanStaticRowStatus',

  288. 		    int(vlan)), 6) # destroy(6)

  289. 

  290. 	def getvlans(self):

  291. 		'''Return an iterator with all the vlan ids.'''

  292. 

  293. 		return (x[0][-1] for x in self._walk('Q-BRIDGE-MIB', 'dot1qVlanStatus'))

  294. 

  295. 	def staticvlans(self):

  296. 		'''Return an iterator of the staticly defined/configured

  297. 		vlans.  This sometimes excludes special built in vlans,

  298. 		like vlan 1.'''

  299. 

  300. 		return (x[0][-1] for x in self._walk('Q-BRIDGE-MIB', 'dot1qVlanStaticName'))

  301. 

  302. 	def getpvid(self):

  303. 		'''Returns a dictionary w/ the interface index as the key,

  304. 		and the pvid of the interface.'''

  305. 

  306. 		return { x[0][-1]: int(x[1]) for x in self._walk('Q-BRIDGE-MIB', 'dot1qPvid') }

  307. 

  308. 	def getegress(self, *vlans):

  309. 		r = { x[-1]: _octstrtobits(y) for x, y in

  310. 		    self._getmany(*(('Q-BRIDGE-MIB',

  311. 		    'dot1qVlanStaticEgressPorts', x) for x in vlans)) }

  312. 

  313. 		return r

  314. 

  315. 	def getuntagged(self, *vlans):

  316. 		r = { x[-1]: _octstrtobits(y) for x, y in

  317. 		    self._getmany(*(('Q-BRIDGE-MIB',

  318. 		    'dot1qVlanStaticUntaggedPorts', x) for x in vlans)) }

  319. 

  320. 		return r

  321. 

  322. if __name__ == '__main__': # pragma: no cover

  323. 	print `checkchanges('data')`

  324. 

  325. class _TestMisc(unittest.TestCase):

  326. 	def setUp(self):

  327. 		import test_data

  328. 

  329. 		self._test_data = test_data

  330. 

  331. 	def test_intstobits(self):

  332. 		self.assertEqual(_intstobits(1, 5, 10), '1000100001')

  333. 		self.assertEqual(_intstobits(3, 4, 9), '001100001')

  334. 

  335. 	def test_octstrtobits(self):

  336. 		self.assertEqual(_octstrtobits('\x00'), '0' * 8)

  337. 		self.assertEqual(_octstrtobits('\xff'), '1' * 8)

  338. 		self.assertEqual(_octstrtobits('\xf0'), '1' * 4 + '0' * 4)

  339. 		self.assertEqual(_octstrtobits('\x0f'), '0' * 4 + '1' * 4)

  340. 

  341. 	def test_cmpbits(self):

  342. 		self.assertTrue(_cmpbits('111000', '111'))

  343. 		self.assertTrue(_cmpbits('000111000', '000111'))

  344. 		self.assertTrue(_cmpbits('11', '11'))

  345. 		self.assertFalse(_cmpbits('0011', '11'))

  346. 		self.assertFalse(_cmpbits('11', '0011'))

  347. 

  348. 	def test_pvidegressuntagged(self):

  349. 		data = {

  350. 			1: {

  351. 				'u':	[ 1, 5, 10 ] + range(13, 20),

  352. 				't':    [ 'lag2', 6, 7 ],

  353. 			},

  354. 			10: {

  355. 				'u':	[ 2, 3, 6, 7, 8, 'lag2' ],

  356. 			},

  357. 			13: {

  358. 				'u':	[ 4, 9 ],

  359. 				't':    [ 'lag2', 6, 7 ],

  360. 			},

  361. 			14: {

  362. 				't':	[ 'lag2' ],

  363. 			},

  364. 		}

  365. 		swconf = SwitchConfig('', '', data, [ 'lag3' ])

  366. 

  367. 		lookup = {

  368. 			'lag2': 30,

  369. 			'lag3': 31,

  370. 		}

  371. 		lufun = lookup.__getitem__

  372. 

  373. 		check = dict(itertools.chain(enumerate([ 1, 10, 10, 13, 1, 10,

  374. 		    10, 10, 13, 1 ], 1), enumerate([ 1 ] * 7, 13),

  375. 		    [ (30, 10) ]))

  376. 

  377. 		# That a pvid mapping

  378. 		res = getpvidmapping(data, lufun)

  379. 

  380. 		# is correct

  381. 		self.assertEqual(res, check)

  382. 

  383. 		self.assertEqual(swconf.getportlist(lufun),

  384. 		    set(xrange(1, 11)) | set(xrange(13, 20)) | set(lookup.values()))

  385. 

  386. 		checkegress = {

  387. 			1:	'1000111001001111111' + '0' * (30 - 20) + '1',

  388. 			10:	'01100111' + '0' * (30 - 9) + '1',

  389. 			13:	'000101101' + '0' * (30 - 10) + '1',

  390. 			14:	'0' * (30 - 1) + '1',

  391. 		}

  392. 

  393. 		self.assertEqual(getegress(data, lufun), checkegress)

  394. 

  395. 		checkuntagged = {

  396. 			1:	'1000100001001111111',

  397. 			10:	'01100111' + '0' * (30 - 9) + '1',

  398. 			13:	'000100001',

  399. 			14:	'',

  400. 		}

  401. 		self.assertEqual(getuntagged(data, lufun), checkuntagged)

  402. 

  403. 	#@unittest.skip('foo')

  404. 	@mock.patch('vlanmang.SNMPSwitch.getuntagged')

  405. 	@mock.patch('vlanmang.SNMPSwitch.getegress')

  406. 	@mock.patch('vlanmang.SNMPSwitch.getpvid')

  407. 	@mock.patch('vlanmang.SNMPSwitch.getportmapping')

  408. 	@mock.patch('importlib.import_module')

  409. 	def test_checkchanges(self, imprt, portmapping, gpvid, gegress, guntagged):

  410. 		# that import returns the test data

  411. 		imprt.side_effect = itertools.repeat(self._test_data)

  412. 

  413. 		# that getportmapping returns the following dict

  414. 		ports = { x: 'g%d' % x for x in xrange(1, 24) }

  415. 		ports[30] = 'lag1'

  416. 		ports[31] = 'lag2'

  417. 		ports[32] = 'lag3'

  418. 		portmapping.side_effect = itertools.repeat(ports)

  419. 

  420. 		# that the switch's pvid returns

  421. 		spvid = { x: 283 for x in xrange(1, 24) }

  422. 		spvid[30] = 5

  423. 		gpvid.side_effect = itertools.repeat(spvid)

  424. 

  425. 		# the the extra port is caught

  426. 		self.assertRaises(ValueError, checkchanges, 'data')

  427. 

  428. 		# that the functions were called

  429. 		imprt.assert_called_with('data')

  430. 		portmapping.assert_called()

  431. 

  432. 		# XXX - check that an ignore statement is honored

  433. 

  434. 		# delete the extra port

  435. 		del ports[32]

  436. 

  437. 		# that the egress data provided

  438. 		gegress.side_effect = [ {

  439. 			1: '1' * 10,

  440. 			5: '1' * 10,

  441. 			283: '00000000111111111110011000000100000',

  442. 		} ]

  443. 

  444. 		# that the untagged data provided

  445. 		guntagged.side_effect = [ {

  446. 			1: '1' * 10,

  447. 			5: '1' * 8 + '0' * 10,

  448. 			283: '00000000111111111110011',

  449. 		} ]

  450. 

  451. 		res = checkchanges('data')

  452. 

  453. 		validres = [ ('setpvid', x, 5, 283) for x in xrange(1, 9) ] + \

  454. 		    [ ('setpvid', 20, 1, 283),

  455. 		    ('setpvid', 21, 1, 283),

  456. 		    ('setpvid', 30, 1, 5),

  457. 		    ('setegress', 1, '0' * 19 + '11' + '0' * 8 + '1', '1' * 10),

  458. 		    ('setuntagged', 1, '0' * 19 + '11' + '0' * 8 + '1', '1' * 10),

  459. 		    ('setegress', 5, '1' * 8 + '0' * 11 + '11' + '0' * 8 + '1', '1' * 10),

  460. 		    ]

  461. 

  462. 		self.assertEqual(set(res), set(validres))

  463. 

  464. _skipSwitchTests = True

  465. 

  466. class _TestSwitch(unittest.TestCase):

  467. 	def setUp(self):

  468. 		# If we don't have it, pretend it's true for now and

  469. 		# we'll recheck it later

  470. 		model = 'GS108T smartSwitch'

  471. 		if getattr(self, 'switchmodel', model) != model or \

  472. 		    _skipSwitchTests: # pragma: no cover

  473. 			self.skipTest('Need a GS108T switch to run these tests')

  474. 

  475. 		args = open('test.creds').read().split()

  476. 		self.switch = SNMPSwitch(*args)

  477. 

  478. 		self.switchmodel = self.switch._get(('ENTITY-MIB',

  479. 		    'entPhysicalModelName', 1))

  480. 		if self.switchmodel != model: # pragma: no cover

  481. 			self.skipTest('Need a GS108T switch to run these tests')

  482. 

  483. 	def test_misc(self):

  484. 		switch = self.switch

  485. 

  486. 		self.assertEqual(switch.findport('g1'), 1)

  487. 		self.assertEqual(switch.findport('l1'), 14)

  488. 

  489. 	def test_portnames(self):

  490. 		switch = self.switch

  491. 

  492. 		resp = dict((x, 'g%d' % x) for x in xrange(1, 9))

  493. 		resp.update({ 13: 'cpu' })

  494. 		resp.update((x, 'l%d' % (x - 13)) for x in xrange(14, 18))

  495. 

  496. 		self.assertEqual(switch.getportmapping(), resp)

  497. 

  498. 	def test_egress(self):

  499. 		switch = self.switch

  500. 

  501. 		egress = switch.getegress(1, 2, 3)

  502. 

  503. 		checkegress = {

  504. 			1: '1' * 8 + '0' * 5 + '1' * 4 + '0' * 23,

  505. 			2: '0' * 8 * 5,

  506. 			3: '0' * 8 * 5,

  507. 		}

  508. 

  509. 		self.assertEqual(egress, checkegress)

  510. 

  511. 	def test_untagged(self):

  512. 		switch = self.switch

  513. 

  514. 		untagged = switch.getuntagged(1, 2, 3)

  515. 

  516. 		checkuntagged = {

  517. 			1: '1' * 8 * 5,

  518. 			2: '1' * 8 * 5,

  519. 			3: '1' * 8 * 5,

  520. 		}

  521. 

  522. 		self.assertEqual(untagged, checkuntagged)

  523. 

  524. 	def test_vlan(self):

  525. 		switch = self.switch

  526. 

  527. 		existingvlans = set(switch.getvlans())

  528. 

  529. 		while True:

  530. 			testvlan = random.randint(1,4095)

  531. 			if testvlan not in existingvlans:

  532. 				break

  533. 

  534. 		# Test that getting a non-existant vlans raises an exception

  535. 		self.assertRaises(ValueError, switch.getvlanname, testvlan)

  536. 

  537. 		self.assertTrue(set(switch.staticvlans()).issubset(existingvlans))

  538. 

  539. 		pvidres = { x: 1 for x in xrange(1, 9) }

  540. 		pvidres.update({ x: 1 for x in xrange(14, 18) })

  541. 		self.assertEqual(switch.getpvid(), pvidres)

  542. 

  543. 		testname = 'Sometestname'

  544. 

  545. 		# Create test vlan

  546. 		switch.createvlan(testvlan, testname)

  547. 		try:

  548. 			# make sure the test vlan was created

  549. 			self.assertIn(testvlan, set(switch.staticvlans()))

  550. 

  551. 			self.assertEqual(testname, switch.getvlanname(testvlan))

  552. 		finally:

  553. 			switch.deletevlan(testvlan)